Alert: New Vulnerabilities Discovered in QNAP and Kyocera Device Manager.


Tonernews.com, January 9, 2024. USA

  • jim
    Keymaster

    Kyocera's Device Manager product has a security flaw that could let bad actors do harmful things on affected systems.

    "Attackers can force authentication attempts to their own resources, like a malicious SMB share, to get or relay Active Directory hashed credentials if the 'Restrict NTLM: Outgoing NTLM traffic to remote servers' security policy is not enabled," Trustwave said.

    Kyocera called it a path traversal issue in an advisory last month. It has the ID CVE-2023-50916. It lets an attacker change the local path that points to the database backup location to a universal naming convention (UNC) path and intercept the result.

    This makes the web application try to authenticate to the rogue UNC path, which leads to unauthorized access to clients' accounts and data theft. Also, it could be used to do NTLM relay attacks, depending on the environment's configuration.

    The flaw has been fixed in Kyocera Device Manager version 3.1.1213.0.

    QNAP Releases Fixes for Several Flaws

    QNAP fixed several flaws, including high-severity ones that affect QTS and QuTS hero, QuMagie, Netatalk and Video Station.

    This includes CVE-2023-39296, a prototype pollution flaw that could let remote attackers "change existing attributes to ones that have a different type, which may make the system crash."

    The flaw has been fixed in versions QTS 5.1.3.2578 build 20231110 and QuTS hero h5.1.3.2578 build 20231110.
